Date   

Siemens Announces OpenChain 2.0 Conformance

 

Siemens, an OpenChain Platinum Member and pioneer of adoption around our standard, has announced OpenChain 2.0 conformance. This builds on their previous public work in describing their journey and announcing 1.1 conformance in April 2017.

“The adoption of OpenChain 2.0 by Siemens continues their leadership in the space of open source compliance,” says Shane Coughlan, OpenChain General Manager. “This version of our standard is functionally identical to our ISO submission, positioning Siemens to become one of the first companies to adhere to our ISO release later in 2020. My congratulations to Oliver and all the team. I look forward to taking next steps together.”

https://www.openchainproject.org/news/2020/04/09/siemens-announces-openchain-2-0-conformance


All Compliance Groups have unlimited free access to OpenChain UberConference

 

Would you prefer to use UberConference? We have a room there any compliance project or person can use for free. No scheduling, no password, all calls recorded.

Join the call: https://www.uberconference.com/openchainproject
Optional dial-in number: +1-855-889-3011
No PIN Needed


Reminder: You can make free use of the OpenChain Zoom Room

 

Reminder: OpenChain has pro-level subscription on Zoom we are making freely available for all compliance-related projects and people to use during lockdown. You can schedule a time here:
https://calendly.com/openchainproject

(all calls are recorded)


Re: OpenChain First Monday Webinar - 9am Pacific Today

 

Hi Achutha!

I’ll make sure to pre-record an answer with Armijn for the opening of the next webinar :)

Shane

On Apr 8, 2020, at 17:16, Achutha.Kolluru@... wrote:

Hi Shane ,

Thanks for these webinars which will definitely be helpful to discuss on global practices with experts around the globe.

During the previous webinar with Armijn Hemel , it was great to listen on his research on container compliance and the way he thinks we should deal with the containers and its relation with component licenses.
We had this question during the webinar but due to time constraint we couldn't ask the same and then I haven’t got his address to check on this and hence writing here to see if you can post this to him for the answer.

" Can we now consider the container carries only the recipe of the image and we aren't delivering the actual contents as you said , and then can we also possibly accept distributing Copyleft components(GPL) also in the container as a reference without any license violation as per your research? "

It would be helpful if we can get his views on this or his direct contact for more clarification.

Thanks
Achuth..

----------------------------------------------------------------------


-----Original Message-----
From: main@... <main@...> On Behalf Of Shane Coughlan via lists.openchainproject.org
Sent: Monday, April 6, 2020 7:07 PM
To: OpenChain Main <main@...>
Subject: [openchain] OpenChain First Monday Webinar - 9am Pacific Today

[External]


Reminder: The OpenChain Project has launched a series of bi-weekly free webinars that provide access to people and knowledge that we would otherwise obtain at events. We kick off on Monday the 6th of April at 9am Pacific (6pm in Brussels) with two guest speakers.

Dr. Nikolay Harutyunyan will speak about ‘Corporate Open Source Governance of Software Supply Chains’, a talk based on recently published research constituting material from a literature review of 87 publications, a qualitative survey of 20 primary materials and 21 expert interviews at 15 companies. This bridged into a 2.5-year longitudinal study into a company that was just getting started with open source governance and following their evolution.

Armijn Hemel, MSc will speak about Docker container compliance. He has an extensive background as an internationally recognized expert in the field of GPL license compliance engineering with a particular focus on practical solutions to real-world product and service challenges. While best known for his work in embedded technology, Armijn has been exploring the topic of container compliance in recent years, and has been at the forefront of defining best practices in this space.
Each talk will run for 10~15 minutes and there will be plenty of time for questions, comments and suggestions. As with all OpenChain Project activities, our goal is to facilitate knowledge-sharing between peers.

Join Our Zoom Meeting

https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fzoom.us%2Fj%2F9990120120&amp;data=02%7C01%7Cachutha.kolluru%40cognizant.com%7Cdd9291d535a144d9f16108d7da2f8d46%7Cde08c40719b9427d9fe8edf254300ca7%7C0%7C0%7C637217770096691521&amp;sdata=cbtOOQO45ORNjhW3stW%2BqfNsCMuhH%2F3hZV4Nx0TzAuU%3D&amp;reserved=0

One Tap Telephone (no screensharing)

• +358 9 4245 1488,,9990120120# Finland
• +33 7 5678 4048,,9990120120# France
• +49 69 7104 9922,,9990120120# Germany
• +852 5808 6088,,9990120120# Hong Kong
• +39 069 480 6488,,9990120120# Italy
• +353 6 163 9031,,9990120120# Ireland
• +81 524 564 439,,9990120120# Japan
• +82 2 6105 4111,,9990120120# Korea
• +34 917 873 431,,9990120120# Spain
• +46 850 539 728,,9990120120# Sweden
• +41 43 210 71 08,,9990120120# Switzerland
• +44 330 088 5830,,9990120120# UK
• +16699006833,,9990120120# US (San Jose)
• +12532158782,,9990120120# US

Find your local number: https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fzoom.us%2Fu%2FabeUqy3kYQ&amp;data=02%7C01%7Cachutha.kolluru%40cognizant.com%7Cdd9291d535a144d9f16108d7da2f8d46%7Cde08c40719b9427d9fe8edf254300ca7%7C0%7C0%7C637217770096691521&amp;sdata=mtnUNgvcfCkvlEWpi7B2asurCaplWJafKVp00R%2FTb2Q%3D&amp;reserved=0
Not all countries have available numbers.

After dialing the local number enter 9990120120#


This e-mail and any files transmitted with it are for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient(s), please reply to the sender and destroy all copies of the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email, and/or any action taken in reliance on the contents of this e-mail is strictly prohibited and may be unlawful. Where permitted by applicable law, this e-mail and other e-mail communications sent to and from Cognizant e-mail addresses may be monitored.
This e-mail and any files transmitted with it are for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient(s), please reply to the sender and destroy all copies of the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email, and/or any action taken in reliance on the contents of this e-mail is strictly prohibited and may be unlawful. Where permitted by applicable law, this e-mail and other e-mail communications sent to and from Cognizant e-mail addresses may be monitored.


Re: OpenChain First Monday Webinar - 9am Pacific Today

achutha.kolluru@...
 

Hi Shane ,

Thanks for these webinars which will definitely be helpful to discuss on global practices with experts around the globe.

During the previous webinar with Armijn Hemel , it was great to listen on his research on container compliance and the way he thinks we should deal with the containers and its relation with component licenses.
We had this question during the webinar but due to time constraint we couldn't ask the same and then I haven’t got his address to check on this and hence writing here to see if you can post this to him for the answer.

" Can we now consider the container carries only the recipe of the image and we aren't delivering the actual contents as you said , and then can we also possibly accept distributing Copyleft components(GPL) also in the container as a reference without any license violation as per your research? "

It would be helpful if we can get his views on this or his direct contact for more clarification.

Thanks
Achuth..

----------------------------------------------------------------------

-----Original Message-----
From: main@... <main@...> On Behalf Of Shane Coughlan via lists.openchainproject.org
Sent: Monday, April 6, 2020 7:07 PM
To: OpenChain Main <main@...>
Subject: [openchain] OpenChain First Monday Webinar - 9am Pacific Today

[External]


Reminder: The OpenChain Project has launched a series of bi-weekly free webinars that provide access to people and knowledge that we would otherwise obtain at events. We kick off on Monday the 6th of April at 9am Pacific (6pm in Brussels) with two guest speakers.

Dr. Nikolay Harutyunyan will speak about ‘Corporate Open Source Governance of Software Supply Chains’, a talk based on recently published research constituting material from a literature review of 87 publications, a qualitative survey of 20 primary materials and 21 expert interviews at 15 companies. This bridged into a 2.5-year longitudinal study into a company that was just getting started with open source governance and following their evolution.

Armijn Hemel, MSc will speak about Docker container compliance. He has an extensive background as an internationally recognized expert in the field of GPL license compliance engineering with a particular focus on practical solutions to real-world product and service challenges. While best known for his work in embedded technology, Armijn has been exploring the topic of container compliance in recent years, and has been at the forefront of defining best practices in this space.
Each talk will run for 10~15 minutes and there will be plenty of time for questions, comments and suggestions. As with all OpenChain Project activities, our goal is to facilitate knowledge-sharing between peers.

Join Our Zoom Meeting

https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fzoom.us%2Fj%2F9990120120&amp;data=02%7C01%7Cachutha.kolluru%40cognizant.com%7Cdd9291d535a144d9f16108d7da2f8d46%7Cde08c40719b9427d9fe8edf254300ca7%7C0%7C0%7C637217770096691521&amp;sdata=cbtOOQO45ORNjhW3stW%2BqfNsCMuhH%2F3hZV4Nx0TzAuU%3D&amp;reserved=0

One Tap Telephone (no screensharing)

• +358 9 4245 1488,,9990120120# Finland
• +33 7 5678 4048,,9990120120# France
• +49 69 7104 9922,,9990120120# Germany
• +852 5808 6088,,9990120120# Hong Kong
• +39 069 480 6488,,9990120120# Italy
• +353 6 163 9031,,9990120120# Ireland
• +81 524 564 439,,9990120120# Japan
• +82 2 6105 4111,,9990120120# Korea
• +34 917 873 431,,9990120120# Spain
• +46 850 539 728,,9990120120# Sweden
• +41 43 210 71 08,,9990120120# Switzerland
• +44 330 088 5830,,9990120120# UK
• +16699006833,,9990120120# US (San Jose)
• +12532158782,,9990120120# US

Find your local number: https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fzoom.us%2Fu%2FabeUqy3kYQ&amp;data=02%7C01%7Cachutha.kolluru%40cognizant.com%7Cdd9291d535a144d9f16108d7da2f8d46%7Cde08c40719b9427d9fe8edf254300ca7%7C0%7C0%7C637217770096691521&amp;sdata=mtnUNgvcfCkvlEWpi7B2asurCaplWJafKVp00R%2FTb2Q%3D&amp;reserved=0
Not all countries have available numbers.

After dialing the local number enter 9990120120#


This e-mail and any files transmitted with it are for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient(s), please reply to the sender and destroy all copies of the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email, and/or any action taken in reliance on the contents of this e-mail is strictly prohibited and may be unlawful. Where permitted by applicable law, this e-mail and other e-mail communications sent to and from Cognizant e-mail addresses may be monitored.
This e-mail and any files transmitted with it are for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient(s), please reply to the sender and destroy all copies of the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email, and/or any action taken in reliance on the contents of this e-mail is strictly prohibited and may be unlawful. Where permitted by applicable law, this e-mail and other e-mail communications sent to and from Cognizant e-mail addresses may be monitored.


OpenChain Webinar #2: OpenChain in China (Maggie) and OpenChain at Facebook (Michael) – Coming April 20th

 

OpenChain Webinar #2 coming Monday 20th of April at 5pm Pacific, 8am Tuesday in Beijing + Taipei, and 9am Tuesday in Seoul + Tokyo. We have guest speakers on two topics: OpenChain in China + OpenChain at Facebook.

Maggie Wang will speak about OpenChain in China. Maggie’s background ranges from working as an in-house at Huawei to acting as the China representative for Ladas and Parry. Her unique experience in-house and as outside counsel positions her perfectly to help contextualize where we are with regards compliance, standardization and business reality in one of our most important markets.

Michael Cheng will speak about OpenChain at Facebook, a topic that ranges from adoption activity and broader leadership in the compliance space by the company. His perspective will provide added value given the simultaneous decision by Facebook, Google and Uber to join OpenChain as Platinum Members in late 2018, and plenty of runway for our audience to ask questions about real-life lessons learned.

Everyone is invited to this free event:
https://www.openchainproject.org/featured/2020/04/08/openchain-webinar-2


OpenChain Webinar #1 – Supply Chain Governance + Container Compliance – Full Recording

 

The OpenChain Project has launched a series of bi-weekly free webinars that provide access to people and knowledge that we would otherwise obtain at events. We kicked off on Monday the 6th of April with speakers on Supply Chain Governance and Container Compliance.
https://www.openchainproject.org/news/2020/04/08/openchain-webinar-1-supply-chain-governance-container-compliance-full-recording


OpenChain Japan Work Group – Sub-Group Webinar - April 23

 

The OpenChain Japan Work Group’s latest event will feature reports from six sub-groups: promotion, FAQ, education, leaflet, licensing and tooling. Everyone is invited. This event will be in Japanese.
https://www.openchainproject.org/news/2020/04/07/openchain-japan-work-group-sub-group-webinar


OpenChain Newsletter – Issue 35 – March 2020

 

The OpenChain Project March newsletter is out. This is the best way to keep track of the (crazy amount of) activity around the project. Tons of news on global meetings, conformance and partners:
https://www.openchainproject.org/openchain-newsletter-issue-35

You can also browse our full newsletter archive here:
https://www.openchainproject.org/news/newsletter


The OpenChain Japan Article Series - Episode 2 out now - Japanese

 

Our series of articles from the OpenChain Japan Work Group continues with the second installment: Imada San from Hitachi discussing what specifically this local group does:
https://www.openchainproject.org/news/2020/04/06/%e3%82%88%e3%81%86%e3%81%93%e3%81%9dopenchain-japan-wg%e3%81%b8%ef%bc%81-2


OpenChain webinar today - right now

 

If you have any trouble entering the room let me know.

Password (forced by Zoom even with option selected off):
123456

Join Our Zoom Meeting:
https://zoom.us/j/9990120120


Re: OpenChain First Monday Webinar - 9am Pacific Today

 

123456 :)

On Apr 7, 2020, at 0:56, Jimmy Ahlberg via lists.openchainproject.org <jimmy.ahlberg=ericsson.com@...> wrote:

Seems a password is needed?

Sent from Workspace ONE Boxer

On 6 Apr 2020 16:10, "Shane Coughlan via lists.openchainproject.org" <scoughlan=linuxfoundation.org@...> wrote:
I have turned it off for our meeting (hopefully)

On Apr 6, 2020, at 22:48, Samantha Elliott (samellio) <samellio@...> wrote:

Hi Shane,

Is there a password now, since Zoom has implemented a password?

Thanks,
Samantha

-----Original Message-----
From: main@... <main@...> On Behalf Of Shane Coughlan
Sent: Monday, April 6, 2020 9:37 AM
To: OpenChain Main <main@...>
Subject: [openchain] OpenChain First Monday Webinar - 9am Pacific Today

Reminder: The OpenChain Project has launched a series of bi-weekly free webinars that provide access to people and knowledge that we would otherwise obtain at events. We kick off on Monday the 6th of April at 9am Pacific (6pm in Brussels) with two guest speakers.

Dr. Nikolay Harutyunyan will speak about ‘Corporate Open Source Governance of Software Supply Chains’, a talk based on recently published research constituting material from a literature review of 87 publications, a qualitative survey of 20 primary materials and 21 expert interviews at 15 companies. This bridged into a 2.5-year longitudinal study into a company that was just getting started with open source governance and following their evolution.

Armijn Hemel, MSc will speak about Docker container compliance. He has an extensive background as an internationally recognized expert in the field of GPL license compliance engineering with a particular focus on practical solutions to real-world product and service challenges. While best known for his work in embedded technology, Armijn has been exploring the topic of container compliance in recent years, and has been at the forefront of defining best practices in this space.
Each talk will run for 10~15 minutes and there will be plenty of time for questions, comments and suggestions. As with all OpenChain Project activities, our goal is to facilitate knowledge-sharing between peers.

Join Our Zoom Meeting

https://zoom.us/j/9990120120

One Tap Telephone (no screensharing)

• +358 9 4245 1488,,9990120120# Finland
• +33 7 5678 4048,,9990120120# France
• +49 69 7104 9922,,9990120120# Germany
• +852 5808 6088,,9990120120# Hong Kong
• +39 069 480 6488,,9990120120# Italy
• +353 6 163 9031,,9990120120# Ireland
• +81 524 564 439,,9990120120# Japan
• +82 2 6105 4111,,9990120120# Korea
• +34 917 873 431,,9990120120# Spain
• +46 850 539 728,,9990120120# Sweden
• +41 43 210 71 08,,9990120120# Switzerland
• +44 330 088 5830,,9990120120# UK
• +16699006833,,9990120120# US (San Jose)
• +12532158782,,9990120120# US

Find your local number: https://zoom.us/u/abeUqy3kYQ Not all countries have available numbers.

After dialing the local number enter 9990120120#




Re: OpenChain First Monday Webinar - 9am Pacific Today

Jimmy Ahlberg
 

Seems a password is needed?

Sent from Workspace ONE Boxer

On 6 Apr 2020 16:10, "Shane Coughlan via lists.openchainproject.org" <scoughlan=linuxfoundation.org@...> wrote:
I have turned it off for our meeting (hopefully)

> On Apr 6, 2020, at 22:48, Samantha Elliott (samellio) <samellio@...> wrote:
>
> Hi Shane,
>
> Is there a password now, since Zoom has implemented a password?
>
> Thanks,
> Samantha
>
> -----Original Message-----
> From: main@... <main@...> On Behalf Of Shane Coughlan
> Sent: Monday, April 6, 2020 9:37 AM
> To: OpenChain Main <main@...>
> Subject: [openchain] OpenChain First Monday Webinar - 9am Pacific Today
>
> Reminder: The OpenChain Project has launched a series of bi-weekly free webinars that provide access to people and knowledge that we would otherwise obtain at events. We kick off on Monday the 6th of April at 9am Pacific (6pm in Brussels) with two guest speakers.
>
> Dr. Nikolay Harutyunyan will speak about ‘Corporate Open Source Governance of Software Supply Chains’, a talk based on recently published research constituting material from a literature review of 87 publications, a qualitative survey of 20 primary materials and 21 expert interviews at 15 companies. This bridged into a 2.5-year longitudinal study into a company that was just getting started with open source governance and following their evolution.
>
> Armijn Hemel, MSc will speak about Docker container compliance. He has an extensive background as an internationally recognized expert in the field of GPL license compliance engineering with a particular focus on practical solutions to real-world product and service challenges. While best known for his work in embedded technology, Armijn has been exploring the topic of container compliance in recent years, and has been at the forefront of defining best practices in this space.
> Each talk will run for 10~15 minutes and there will be plenty of time for questions, comments and suggestions. As with all OpenChain Project activities, our goal is to facilitate knowledge-sharing between peers.
>
> Join Our Zoom Meeting
>
>    • https://zoom.us/j/9990120120
>
> One Tap Telephone (no screensharing)
>
>    • +358 9 4245 1488,,9990120120# Finland
>    • +33 7 5678 4048,,9990120120# France
>    • +49 69 7104 9922,,9990120120# Germany
>    • +852 5808 6088,,9990120120# Hong Kong
>    • +39 069 480 6488,,9990120120# Italy
>    • +353 6 163 9031,,9990120120# Ireland
>    • +81 524 564 439,,9990120120# Japan
>    • +82 2 6105 4111,,9990120120# Korea
>    • +34 917 873 431,,9990120120# Spain
>    • +46 850 539 728,,9990120120# Sweden
>    • +41 43 210 71 08,,9990120120# Switzerland
>    • +44 330 088 5830,,9990120120# UK
>    • +16699006833,,9990120120# US (San Jose)
>    • +12532158782,,9990120120# US
>
> Find your local number: https://zoom.us/u/abeUqy3kYQ Not all countries have available numbers.
>
> After dialing the local number enter 9990120120#
>
>




Re: OpenChain First Monday Webinar - 9am Pacific Today

 

Hi all

Sadly, Zoom is forcing a password to be used for our meeting.

The password is 123456.

Shane

On Apr 6, 2020, at 23:10, Shane Coughlan via lists.openchainproject.org <scoughlan=linuxfoundation.org@...> wrote:

I have turned it off for our meeting (hopefully)

On Apr 6, 2020, at 22:48, Samantha Elliott (samellio) <samellio@...> wrote:

Hi Shane,

Is there a password now, since Zoom has implemented a password?

Thanks,
Samantha

-----Original Message-----
From: main@... <main@...> On Behalf Of Shane Coughlan
Sent: Monday, April 6, 2020 9:37 AM
To: OpenChain Main <main@...>
Subject: [openchain] OpenChain First Monday Webinar - 9am Pacific Today

Reminder: The OpenChain Project has launched a series of bi-weekly free webinars that provide access to people and knowledge that we would otherwise obtain at events. We kick off on Monday the 6th of April at 9am Pacific (6pm in Brussels) with two guest speakers.

Dr. Nikolay Harutyunyan will speak about ‘Corporate Open Source Governance of Software Supply Chains’, a talk based on recently published research constituting material from a literature review of 87 publications, a qualitative survey of 20 primary materials and 21 expert interviews at 15 companies. This bridged into a 2.5-year longitudinal study into a company that was just getting started with open source governance and following their evolution.

Armijn Hemel, MSc will speak about Docker container compliance. He has an extensive background as an internationally recognized expert in the field of GPL license compliance engineering with a particular focus on practical solutions to real-world product and service challenges. While best known for his work in embedded technology, Armijn has been exploring the topic of container compliance in recent years, and has been at the forefront of defining best practices in this space.
Each talk will run for 10~15 minutes and there will be plenty of time for questions, comments and suggestions. As with all OpenChain Project activities, our goal is to facilitate knowledge-sharing between peers.

Join Our Zoom Meeting

https://zoom.us/j/9990120120

One Tap Telephone (no screensharing)

• +358 9 4245 1488,,9990120120# Finland
• +33 7 5678 4048,,9990120120# France
• +49 69 7104 9922,,9990120120# Germany
• +852 5808 6088,,9990120120# Hong Kong
• +39 069 480 6488,,9990120120# Italy
• +353 6 163 9031,,9990120120# Ireland
• +81 524 564 439,,9990120120# Japan
• +82 2 6105 4111,,9990120120# Korea
• +34 917 873 431,,9990120120# Spain
• +46 850 539 728,,9990120120# Sweden
• +41 43 210 71 08,,9990120120# Switzerland
• +44 330 088 5830,,9990120120# UK
• +16699006833,,9990120120# US (San Jose)
• +12532158782,,9990120120# US

Find your local number: https://zoom.us/u/abeUqy3kYQ Not all countries have available numbers.

After dialing the local number enter 9990120120#



Re: OpenChain First Monday Webinar - 9am Pacific Today

 

I have turned it off for our meeting (hopefully)

On Apr 6, 2020, at 22:48, Samantha Elliott (samellio) <samellio@...> wrote:

Hi Shane,

Is there a password now, since Zoom has implemented a password?

Thanks,
Samantha

-----Original Message-----
From: main@... <main@...> On Behalf Of Shane Coughlan
Sent: Monday, April 6, 2020 9:37 AM
To: OpenChain Main <main@...>
Subject: [openchain] OpenChain First Monday Webinar - 9am Pacific Today

Reminder: The OpenChain Project has launched a series of bi-weekly free webinars that provide access to people and knowledge that we would otherwise obtain at events. We kick off on Monday the 6th of April at 9am Pacific (6pm in Brussels) with two guest speakers.

Dr. Nikolay Harutyunyan will speak about ‘Corporate Open Source Governance of Software Supply Chains’, a talk based on recently published research constituting material from a literature review of 87 publications, a qualitative survey of 20 primary materials and 21 expert interviews at 15 companies. This bridged into a 2.5-year longitudinal study into a company that was just getting started with open source governance and following their evolution.

Armijn Hemel, MSc will speak about Docker container compliance. He has an extensive background as an internationally recognized expert in the field of GPL license compliance engineering with a particular focus on practical solutions to real-world product and service challenges. While best known for his work in embedded technology, Armijn has been exploring the topic of container compliance in recent years, and has been at the forefront of defining best practices in this space.
Each talk will run for 10~15 minutes and there will be plenty of time for questions, comments and suggestions. As with all OpenChain Project activities, our goal is to facilitate knowledge-sharing between peers.

Join Our Zoom Meeting

https://zoom.us/j/9990120120

One Tap Telephone (no screensharing)

• +358 9 4245 1488,,9990120120# Finland
• +33 7 5678 4048,,9990120120# France
• +49 69 7104 9922,,9990120120# Germany
• +852 5808 6088,,9990120120# Hong Kong
• +39 069 480 6488,,9990120120# Italy
• +353 6 163 9031,,9990120120# Ireland
• +81 524 564 439,,9990120120# Japan
• +82 2 6105 4111,,9990120120# Korea
• +34 917 873 431,,9990120120# Spain
• +46 850 539 728,,9990120120# Sweden
• +41 43 210 71 08,,9990120120# Switzerland
• +44 330 088 5830,,9990120120# UK
• +16699006833,,9990120120# US (San Jose)
• +12532158782,,9990120120# US

Find your local number: https://zoom.us/u/abeUqy3kYQ Not all countries have available numbers.

After dialing the local number enter 9990120120#


Re: OpenChain First Monday Webinar - 9am Pacific Today

Samantha Elliott (samellio)
 

Hi Shane,

Is there a password now, since Zoom has implemented a password?

Thanks,
Samantha

-----Original Message-----
From: main@... <main@...> On Behalf Of Shane Coughlan
Sent: Monday, April 6, 2020 9:37 AM
To: OpenChain Main <main@...>
Subject: [openchain] OpenChain First Monday Webinar - 9am Pacific Today

Reminder: The OpenChain Project has launched a series of bi-weekly free webinars that provide access to people and knowledge that we would otherwise obtain at events. We kick off on Monday the 6th of April at 9am Pacific (6pm in Brussels) with two guest speakers.

Dr. Nikolay Harutyunyan will speak about ‘Corporate Open Source Governance of Software Supply Chains’, a talk based on recently published research constituting material from a literature review of 87 publications, a qualitative survey of 20 primary materials and 21 expert interviews at 15 companies. This bridged into a 2.5-year longitudinal study into a company that was just getting started with open source governance and following their evolution.

Armijn Hemel, MSc will speak about Docker container compliance. He has an extensive background as an internationally recognized expert in the field of GPL license compliance engineering with a particular focus on practical solutions to real-world product and service challenges. While best known for his work in embedded technology, Armijn has been exploring the topic of container compliance in recent years, and has been at the forefront of defining best practices in this space.
Each talk will run for 10~15 minutes and there will be plenty of time for questions, comments and suggestions. As with all OpenChain Project activities, our goal is to facilitate knowledge-sharing between peers.

Join Our Zoom Meeting

https://zoom.us/j/9990120120

One Tap Telephone (no screensharing)

• +358 9 4245 1488,,9990120120# Finland
• +33 7 5678 4048,,9990120120# France
• +49 69 7104 9922,,9990120120# Germany
• +852 5808 6088,,9990120120# Hong Kong
• +39 069 480 6488,,9990120120# Italy
• +353 6 163 9031,,9990120120# Ireland
• +81 524 564 439,,9990120120# Japan
• +82 2 6105 4111,,9990120120# Korea
• +34 917 873 431,,9990120120# Spain
• +46 850 539 728,,9990120120# Sweden
• +41 43 210 71 08,,9990120120# Switzerland
• +44 330 088 5830,,9990120120# UK
• +16699006833,,9990120120# US (San Jose)
• +12532158782,,9990120120# US

Find your local number: https://zoom.us/u/abeUqy3kYQ Not all countries have available numbers.

After dialing the local number enter 9990120120#


OpenChain First Monday Webinar - 9am Pacific Today

 

Reminder: The OpenChain Project has launched a series of bi-weekly free webinars that provide access to people and knowledge that we would otherwise obtain at events. We kick off on Monday the 6th of April at 9am Pacific (6pm in Brussels) with two guest speakers.

Dr. Nikolay Harutyunyan will speak about ‘Corporate Open Source Governance of Software Supply Chains’, a talk based on recently published research constituting material from a literature review of 87 publications, a qualitative survey of 20 primary materials and 21 expert interviews at 15 companies. This bridged into a 2.5-year longitudinal study into a company that was just getting started with open source governance and following their evolution.

Armijn Hemel, MSc will speak about Docker container compliance. He has an extensive background as an internationally recognized expert in the field of GPL license compliance engineering with a particular focus on practical solutions to real-world product and service challenges. While best known for his work in embedded technology, Armijn has been exploring the topic of container compliance in recent years, and has been at the forefront of defining best practices in this space.
Each talk will run for 10~15 minutes and there will be plenty of time for questions, comments and suggestions. As with all OpenChain Project activities, our goal is to facilitate knowledge-sharing between peers.

Join Our Zoom Meeting

https://zoom.us/j/9990120120

One Tap Telephone (no screensharing)

• +358 9 4245 1488,,9990120120# Finland
• +33 7 5678 4048,,9990120120# France
• +49 69 7104 9922,,9990120120# Germany
• +852 5808 6088,,9990120120# Hong Kong
• +39 069 480 6488,,9990120120# Italy
• +353 6 163 9031,,9990120120# Ireland
• +81 524 564 439,,9990120120# Japan
• +82 2 6105 4111,,9990120120# Korea
• +34 917 873 431,,9990120120# Spain
• +46 850 539 728,,9990120120# Sweden
• +41 43 210 71 08,,9990120120# Switzerland
• +44 330 088 5830,,9990120120# UK
• +16699006833,,9990120120# US (San Jose)
• +12532158782,,9990120120# US

Find your local number: https://zoom.us/u/abeUqy3kYQ
Not all countries have available numbers.

After dialing the local number enter 9990120120#


Re: OpenChain Zoom room tested - complete success

Gilles Gravier
 

Yeah. The current new defaults involve having a password set by default (which if we communicate with the full URL to the room, that isn't an issue as the URL contains the password - and if not, we have to give room number AND password), as well as having the waiting room enabled by default (which means having the conference moderator accept people into the room - I think this can be turned off if we want). So far the rest shouldn't have an impact.

Regards,


Gilles Gravier
Director, Senior Advisor
Open Source - Blockchain
M: +41 794728437
in/gillesgravier  @gravax
Wipro Limited


From: main@... <main@...> on behalf of Shane Coughlan via lists.openchainproject.org <scoughlan=linuxfoundation.org@...>
Sent: Monday 6 April 2020 13:23
To: OpenChain Main <main@...>
Subject: Re: [openchain] OpenChain Zoom room tested - complete success
 
** This mail has been sent from an external source. Treat hyperlinks and attachments in this email with caution**

The only thing to watch for now is whether their security changes start messing with our freely accessible and usable room. We need it open for the international community :)

> On Apr 6, 2020, at 20:20, Gilles Gravier via lists.openchainproject.org <gilles.gravier=wipro.com@...> wrote:
>
> Hi!
>
> Also, Zoom has started a complete overhaul process on its security and privacy recently: https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fblog.zoom.us%2Fwordpress%2F2020%2F04%2F01%2Fa-message-to-our-users%2F&amp;data=02%7C01%7Cgilles.gravier%40wipro.com%7C114866ebc4ba4b8094e008d7da1ceae8%7C258ac4e4146a411e9dc879a9e12fd6da%7C0%7C0%7C637217690052973498&amp;sdata=bzgp4SFb7Hb8IHhOGdx5FxvcjhQfx9JCAyNX3u24a%2FI%3D&amp;reserved=0
>
> Which shows that they're taking this very seriously. You might already have noticed some tightening on conference rooms default settings starting this week-end. They've removed the IOS facebook SDK from their iPhone builds (so no leaking data to facebook anymore)... And they fixed the UNC issue which was pretty bad in itself (that was done in the last update of the client - if you haven't updated, you're still vulnerable - on Windows)...
>
> Yeah. I wouldn't discuss strategic government issues on Zoom... or corporate sensitive IP... but for an open source project, I think we're pretty safe indeed, as Shane says.
>
> Regards,
> <Outlook-4lafo32j.gif>
>
> Gilles Gravier
> Director, Senior Advisor
> Open Source - Blockchain
> M: +41 794728437
> in/gillesgravier  @gravax
> Wipro Limited
> From: main@... <main@...> on behalf of Shane Coughlan via lists.openchainproject.org<scoughlan=linuxfoundation.org@...>
> Sent: Monday 6 April 2020 13:05
> To: OpenChain Main <main@...>
> Subject: Re: [openchain] OpenChain Zoom room tested - complete success
>
> ** This mail has been sent from an external source. Treat hyperlinks and attachments in this email with caution**
>
> Hi Alan, McCoy, Gilles!
>
> Here is my take:
>
> The recent revelations about Zoom privacy probably mean that we do not want to continue having any sensitive one-to-one calls on the platform, perhaps using Skype, Signal, Teams or other services instead. I concur with Gilles about WebRTC. It works fine but it is not super secure.
>
> However, for the general OpenChain calls, we record and share everything, so security is not our key concern. Therefore, unless we get trolled, I suggest we continue. If we move off Zoom we will need to split between several services (UberConference has stopped working effectively in China).
>
> Of course, we need to monitor the situation...
>
> Regards
>
> Shane
>
> > On Apr 4, 2020, at 2:31, Gilles Gravier via lists.openchainproject.org <gilles.gravier=wipro.com@...> wrote:
> >
> > But you want to be careful with Jitsi also... WebRTC leaks things like device IP address... even when you are behind a VPN. This means that if you are in a country where the government isn't as nice as you want... and you are trying to communicate with your peers on a subject that is not fully aligned with state dogma you can get in trouble... Zoom will not do the same.
> >
> > https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.cvedetails.com%2Fvulnerability-list%2Fvendor_id-18145%2FWebrtc.html&amp;data=02%7C01%7Cgilles.gravier%40wipro.com%7C114866ebc4ba4b8094e008d7da1ceae8%7C258ac4e4146a411e9dc879a9e12fd6da%7C0%7C0%7C637217690052973498&amp;sdata=gQqqsvBv1Kp5kxdhDcs19ghj4S3phsDfNiks2EQzmp8%3D&amp;reserved=0
> >
> > https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.channelfutures.com%2Fmssp-insider%2Fwebrtc-security-real-time-data-flaw-leaks-endpoint-ip-addresses&amp;data=02%7C01%7Cgilles.gravier%40wipro.com%7C114866ebc4ba4b8094e008d7da1ceae8%7C258ac4e4146a411e9dc879a9e12fd6da%7C0%7C0%7C637217690052973498&amp;sdata=NitDMIhf2lhUha8tvYhDCA7prDBsdyvtuNusjfUt5rI%3D&amp;reserved=0
> >
> > Because Zoom is fast taking over Cisco's Webex, we see all kind of FUD spread against Zoom (Zoom went from 10M to 200M users in 3 months - that's got to tickle Cisco)... But if you search for Webex security issues on Google, you'll find just as many...
> >
> > I don't want to bash on Jitsi. I use it. And it's open source. But if we're going to make a choice, let's make sure its for the right reasons. Zooms scales massively, has a stellar set of features, and costs that are extremely accessible... has native clients on Windows, MacOS, Linux, Android and IOS, as well as a web client for machines were one can't install apps. It's user friendly. Session recordings are automatically in MP4 which is very convenient. And A/V quality is really good.
> >
> > Regards,
> > <Outlook-tl3rqzis.gif>
> >
> > Gilles Gravier
> > Director, Senior Advisor
> > Open Source - Blockchain
> > M: +41 794728437
> > in/gillesgravier  @gravax
> > Wipro Limited
> > From: main@... <main@...> on behalf of McCoy Smith via lists.openchainproject.org<mccoy=lexpan.law@...>
> > Sent: Friday 3 April 2020 19:12
> > To: main@... <main@...>
> > Subject: Re: [openchain] OpenChain Zoom room tested - complete success
> >
> > ** This mail has been sent from an external source. Treat hyperlinks and attachments in this email with caution**
> >
> > LibrePlanet used jitsi this year when they had to go 100% virtual in the space of about a week
> > I presented using it and seemed to work pretty well
> > Might be worth a try; it’s definitely free as in beer and speech as FSF is very particular about that for their events (I had to use a Linux system for my preso as they don’t allow A***e or W*****s systems to run persos at their events
> >
> > > On Apr 3, 2020, at 10:06 AM, Alan Tse <Alan.Tse@...> wrote:
> > >
> > > Shane and others,
> > > Thanks for all your hard work on setting up Zoom. However, I'm a bit concerned given all the negative privacy and security press about Zoom this last week.
> > >
> > > I just learned that there is an open source alternative called jitsi. https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fjitsi.org%2F&amp;data=02%7C01%7Cgilles.gravier%40wipro.com%7C114866ebc4ba4b8094e008d7da1ceae8%7C258ac4e4146a411e9dc879a9e12fd6da%7C0%7C0%7C637217690052973498&amp;sdata=HThm8H%2BOGZgh3vfHapBGF6vd3trXS8W%2BOEyJJIwSivo%3D&amp;reserved=0  Specifically, I saw it on one of the security blogs I follow. https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.schneier.com%2Fblog%2Farchives%2F2020%2F04%2Fsecurity_and_pr_1&amp;data=02%7C01%7Cgilles.gravier%40wipro.com%7C114866ebc4ba4b8094e008d7da1ceae8%7C258ac4e4146a411e9dc879a9e12fd6da%7C0%7C0%7C637217690052983498&amp;sdata=FkKvBiDRKGbws%2FV%2BvHf4a7HktBWAaXh3MD4W8qoR9kc%3D&amp;reserved=0.
> > >
> > > I just learned about it so don't have any specific experience with jitsi but perhaps it's worth investigating particularly given it's open source (Apache-2.0)?
> > >
> > > Anyone used it before or have thoughts?
> > >
> > > On 3/31/20, 9:44 PM, "main@... on behalf of Shane Coughlan" <main@... on behalf of scoughlan@...> wrote:
> > >
> > >    CAUTION: This email originated from outside of Western Digital. Do not click on links or open attachments unless you recognize the sender and know that the content is safe.
> > >
> > >
> > >    Thank you JongBaek! I believe we may have solved our remote working challenge :)
> > >
> > >> On Mar 31, 2020, at 16:54, Jongbaek Park (BKL) <jb.park@...> wrote:
> > >>
> > >> I am sorry that I could not have joined you on Zoom conference due to unexpected matter to attend to.
> > >> Zoom seems very nice to use and it’s use is explosively being expanded.
> > >> I also hope we could be connected with each other more easily and often thanks to this service.
> > >> Best regards,
> > >> Jongbaek
> > >>
> > >> From: main@... <main@...> On Behalf Of Shane Coughlan
> > >> Sent: Tuesday, March 31, 2020 2:07 PM
> > >> To: OpenChain Main <main@...>
> > >> Subject: [openchain] OpenChain Zoom room tested - complete success
> > >>
> > >> We connected China, Japan, Germany and Switzerland with video, no issues detected. Check out our discussion here:
> > >> https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fzoom.us%2Frec%2Fplay%2Fv5MsIu2qrzs3SIKWsASDC_8oW421L6-shyUdrvpZyEfjU3JVYVDzN7QTMeNLafiyMCld9CuJHaulF28c%3FcontinueMode%3Dtrue&amp;data=02%7C01%7Cgilles.gravier%40wipro.com%7C114866ebc4ba4b8094e008d7da1ceae8%7C258ac4e4146a411e9dc879a9e12fd6da%7C0%7C0%7C637217690052983498&amp;sdata=9SVV8Ut6Tj43yFudFfs9eflgFT6l%2F4JBpn1y6EAFQ2U%3D&amp;reserved=0
> > >>
> > >> What is coming next?
> > >>
> > >> (1) guidance will be provided to help all our international groups use the room at any time
> > >>
> > >> (2) we will transition our online meetings to this service moving forward
> > >>
> > >> (3) our new video capabilities allow us to connect 100 people with video, screen sharing and recording...leading to the ability to host webinars for our community
> > >>
> > >> Watch this space.
> > >>
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> >
> >
> >
> >
> > The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.https://apc01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.wipro.com%2F&amp;data=02%7C01%7Cgilles.gravier%40wipro.com%7C114866ebc4ba4b8094e008d7da1ceae8%7C258ac4e4146a411e9dc879a9e12fd6da%7C0%7C0%7C637217690052983498&amp;sdata=R7fNmH0G9mUXMTVHMWcWotffOFCFrI8QeDSqQ7Z80vo%3D&amp;reserved=0
> >
>
>
>
>
> The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. https://apc01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.wipro.com%2F&amp;data=02%7C01%7Cgilles.gravier%40wipro.com%7C114866ebc4ba4b8094e008d7da1ceae8%7C258ac4e4146a411e9dc879a9e12fd6da%7C0%7C0%7C637217690052983498&amp;sdata=R7fNmH0G9mUXMTVHMWcWotffOFCFrI8QeDSqQ7Z80vo%3D&amp;reserved=0
>




The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com


Re: OpenChain Zoom room tested - complete success

 

The only thing to watch for now is whether their security changes start messing with our freely accessible and usable room. We need it open for the international community :)

On Apr 6, 2020, at 20:20, Gilles Gravier via lists.openchainproject.org <gilles.gravier=wipro.com@...> wrote:

Hi!

Also, Zoom has started a complete overhaul process on its security and privacy recently: https://blog.zoom.us/wordpress/2020/04/01/a-message-to-our-users/

Which shows that they're taking this very seriously. You might already have noticed some tightening on conference rooms default settings starting this week-end. They've removed the IOS facebook SDK from their iPhone builds (so no leaking data to facebook anymore)... And they fixed the UNC issue which was pretty bad in itself (that was done in the last update of the client - if you haven't updated, you're still vulnerable - on Windows)...

Yeah. I wouldn't discuss strategic government issues on Zoom... or corporate sensitive IP... but for an open source project, I think we're pretty safe indeed, as Shane says.

Regards,
<Outlook-4lafo32j.gif>

Gilles Gravier
Director, Senior Advisor
Open Source - Blockchain
M: +41 794728437
in/gillesgravier @gravax
Wipro Limited
From: main@... <main@...> on behalf of Shane Coughlan via lists.openchainproject.org<scoughlan=linuxfoundation.org@...>
Sent: Monday 6 April 2020 13:05
To: OpenChain Main <main@...>
Subject: Re: [openchain] OpenChain Zoom room tested - complete success

** This mail has been sent from an external source. Treat hyperlinks and attachments in this email with caution**

Hi Alan, McCoy, Gilles!

Here is my take:

The recent revelations about Zoom privacy probably mean that we do not want to continue having any sensitive one-to-one calls on the platform, perhaps using Skype, Signal, Teams or other services instead. I concur with Gilles about WebRTC. It works fine but it is not super secure.

However, for the general OpenChain calls, we record and share everything, so security is not our key concern. Therefore, unless we get trolled, I suggest we continue. If we move off Zoom we will need to split between several services (UberConference has stopped working effectively in China).

Of course, we need to monitor the situation...

Regards

Shane

On Apr 4, 2020, at 2:31, Gilles Gravier via lists.openchainproject.org <gilles.gravier=wipro.com@...> wrote:

But you want to be careful with Jitsi also... WebRTC leaks things like device IP address... even when you are behind a VPN. This means that if you are in a country where the government isn't as nice as you want... and you are trying to communicate with your peers on a subject that is not fully aligned with state dogma you can get in trouble... Zoom will not do the same.

https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.cvedetails.com%2Fvulnerability-list%2Fvendor_id-18145%2FWebrtc.html&amp;data=02%7C01%7Cgilles.gravier%40wipro.com%7Cbb179d171edf429c6a9908d7da1a6d4a%7C258ac4e4146a411e9dc879a9e12fd6da%7C0%7C0%7C637217679367628957&amp;sdata=DgxO3HPHjvTDNxJ9RqpDAUyzPbKBxT94BVa0Ndye5ug%3D&amp;reserved=0

https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.channelfutures.com%2Fmssp-insider%2Fwebrtc-security-real-time-data-flaw-leaks-endpoint-ip-addresses&amp;data=02%7C01%7Cgilles.gravier%40wipro.com%7Cbb179d171edf429c6a9908d7da1a6d4a%7C258ac4e4146a411e9dc879a9e12fd6da%7C0%7C0%7C637217679367628957&amp;sdata=tR1ccyF5NHCvkvb5HT1FmHyUQ2ck2aK92Eh74jaTwuM%3D&amp;reserved=0

Because Zoom is fast taking over Cisco's Webex, we see all kind of FUD spread against Zoom (Zoom went from 10M to 200M users in 3 months - that's got to tickle Cisco)... But if you search for Webex security issues on Google, you'll find just as many...

I don't want to bash on Jitsi. I use it. And it's open source. But if we're going to make a choice, let's make sure its for the right reasons. Zooms scales massively, has a stellar set of features, and costs that are extremely accessible... has native clients on Windows, MacOS, Linux, Android and IOS, as well as a web client for machines were one can't install apps. It's user friendly. Session recordings are automatically in MP4 which is very convenient. And A/V quality is really good.

Regards,
<Outlook-tl3rqzis.gif>

Gilles Gravier
Director, Senior Advisor
Open Source - Blockchain
M: +41 794728437
in/gillesgravier @gravax
Wipro Limited
From: main@... <main@...> on behalf of McCoy Smith via lists.openchainproject.org<mccoy=lexpan.law@...>
Sent: Friday 3 April 2020 19:12
To: main@... <main@...>
Subject: Re: [openchain] OpenChain Zoom room tested - complete success

** This mail has been sent from an external source. Treat hyperlinks and attachments in this email with caution**

LibrePlanet used jitsi this year when they had to go 100% virtual in the space of about a week
I presented using it and seemed to work pretty well
Might be worth a try; it’s definitely free as in beer and speech as FSF is very particular about that for their events (I had to use a Linux system for my preso as they don’t allow A***e or W*****s systems to run persos at their events

On Apr 3, 2020, at 10:06 AM, Alan Tse <Alan.Tse@...> wrote:

Shane and others,
Thanks for all your hard work on setting up Zoom. However, I'm a bit concerned given all the negative privacy and security press about Zoom this last week.

I just learned that there is an open source alternative called jitsi. https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fjitsi.org%2F&amp;data=02%7C01%7Cgilles.gravier%40wipro.com%7Cbb179d171edf429c6a9908d7da1a6d4a%7C258ac4e4146a411e9dc879a9e12fd6da%7C0%7C0%7C637217679367628957&amp;sdata=YfpTmiRWyIy5%2F4NIPxdirC91vYUsqyJxN160i0fEQNo%3D&amp;reserved=0 Specifically, I saw it on one of the security blogs I follow. https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.schneier.com%2Fblog%2Farchives%2F2020%2F04%2Fsecurity_and_pr_1&amp;data=02%7C01%7Cgilles.gravier%40wipro.com%7Cbb179d171edf429c6a9908d7da1a6d4a%7C258ac4e4146a411e9dc879a9e12fd6da%7C0%7C0%7C637217679367628957&amp;sdata=8clG8EOvdBaEqIsP544ROPh3RBF1jc7c6KgwKnmtEts%3D&amp;reserved=0.

I just learned about it so don't have any specific experience with jitsi but perhaps it's worth investigating particularly given it's open source (Apache-2.0)?

Anyone used it before or have thoughts?

On 3/31/20, 9:44 PM, "main@... on behalf of Shane Coughlan" <main@... on behalf of @shanecoughlan> wrote:

CAUTION: This email originated from outside of Western Digital. Do not click on links or open attachments unless you recognize the sender and know that the content is safe.


Thank you JongBaek! I believe we may have solved our remote working challenge :)

On Mar 31, 2020, at 16:54, Jongbaek Park (BKL) <jb.park@...> wrote:

I am sorry that I could not have joined you on Zoom conference due to unexpected matter to attend to.
Zoom seems very nice to use and it’s use is explosively being expanded.
I also hope we could be connected with each other more easily and often thanks to this service.
Best regards,
Jongbaek

From: main@... <main@...> On Behalf Of Shane Coughlan
Sent: Tuesday, March 31, 2020 2:07 PM
To: OpenChain Main <main@...>
Subject: [openchain] OpenChain Zoom room tested - complete success

We connected China, Japan, Germany and Switzerland with video, no issues detected. Check out our discussion here:
https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fzoom.us%2Frec%2Fplay%2Fv5MsIu2qrzs3SIKWsASDC_8oW421L6-shyUdrvpZyEfjU3JVYVDzN7QTMeNLafiyMCld9CuJHaulF28c%3FcontinueMode%3Dtrue&amp;data=02%7C01%7Cgilles.gravier%40wipro.com%7Cbb179d171edf429c6a9908d7da1a6d4a%7C258ac4e4146a411e9dc879a9e12fd6da%7C0%7C0%7C637217679367638954&amp;sdata=2paa9XQpQ%2BfWu1%2FxIuLpE5bothDwZOUuiS5DWL6Mqzo%3D&amp;reserved=0

What is coming next?

(1) guidance will be provided to help all our international groups use the room at any time

(2) we will transition our online meetings to this service moving forward

(3) our new video capabilities allow us to connect 100 people with video, screen sharing and recording...leading to the ability to host webinars for our community

Watch this space.










The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.https://apc01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.wipro.com%2F&amp;data=02%7C01%7Cgilles.gravier%40wipro.com%7Cbb179d171edf429c6a9908d7da1a6d4a%7C258ac4e4146a411e9dc879a9e12fd6da%7C0%7C0%7C637217679367638954&amp;sdata=s3jCpy2flrCsYae7izB1Jlil62RXkVnbdNt%2FaVtg49k%3D&amp;reserved=0



The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com


Re: OpenChain Zoom room tested - complete success

Gilles Gravier
 

Hi!

Also, Zoom has started a complete overhaul process on its security and privacy recently: https://blog.zoom.us/wordpress/2020/04/01/a-message-to-our-users/

Which shows that they're taking this very seriously. You might already have noticed some tightening on conference rooms default settings starting this week-end. They've removed the IOS facebook SDK from their iPhone builds (so no leaking data to facebook anymore)... And they fixed the UNC issue which was pretty bad in itself (that was done in the last update of the client - if you haven't updated, you're still vulnerable - on Windows)...

Yeah. I wouldn't discuss strategic government issues on Zoom... or corporate sensitive IP... but for an open source project, I think we're pretty safe indeed, as Shane says.

Regards,


Gilles Gravier
Director, Senior Advisor
Open Source - Blockchain
M: +41 794728437
in/gillesgravier  @gravax
Wipro Limited


From: main@... <main@...> on behalf of Shane Coughlan via lists.openchainproject.org <scoughlan=linuxfoundation.org@...>
Sent: Monday 6 April 2020 13:05
To: OpenChain Main <main@...>
Subject: Re: [openchain] OpenChain Zoom room tested - complete success
 
** This mail has been sent from an external source. Treat hyperlinks and attachments in this email with caution**

Hi Alan, McCoy, Gilles!

Here is my take:

The recent revelations about Zoom privacy probably mean that we do not want to continue having any sensitive one-to-one calls on the platform, perhaps using Skype, Signal, Teams or other services instead. I concur with Gilles about WebRTC. It works fine but it is not super secure.

However, for the general OpenChain calls, we record and share everything, so security is not our key concern. Therefore, unless we get trolled, I suggest we continue. If we move off Zoom we will need to split between several services (UberConference has stopped working effectively in China).

Of course, we need to monitor the situation...

Regards

Shane

> On Apr 4, 2020, at 2:31, Gilles Gravier via lists.openchainproject.org <gilles.gravier=wipro.com@...> wrote:
>
> But you want to be careful with Jitsi also... WebRTC leaks things like device IP address... even when you are behind a VPN. This means that if you are in a country where the government isn't as nice as you want... and you are trying to communicate with your peers on a subject that is not fully aligned with state dogma you can get in trouble... Zoom will not do the same.
>
> https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.cvedetails.com%2Fvulnerability-list%2Fvendor_id-18145%2FWebrtc.html&amp;data=02%7C01%7Cgilles.gravier%40wipro.com%7Cbb179d171edf429c6a9908d7da1a6d4a%7C258ac4e4146a411e9dc879a9e12fd6da%7C0%7C0%7C637217679367628957&amp;sdata=DgxO3HPHjvTDNxJ9RqpDAUyzPbKBxT94BVa0Ndye5ug%3D&amp;reserved=0
>
> https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.channelfutures.com%2Fmssp-insider%2Fwebrtc-security-real-time-data-flaw-leaks-endpoint-ip-addresses&amp;data=02%7C01%7Cgilles.gravier%40wipro.com%7Cbb179d171edf429c6a9908d7da1a6d4a%7C258ac4e4146a411e9dc879a9e12fd6da%7C0%7C0%7C637217679367628957&amp;sdata=tR1ccyF5NHCvkvb5HT1FmHyUQ2ck2aK92Eh74jaTwuM%3D&amp;reserved=0
>
> Because Zoom is fast taking over Cisco's Webex, we see all kind of FUD spread against Zoom (Zoom went from 10M to 200M users in 3 months - that's got to tickle Cisco)... But if you search for Webex security issues on Google, you'll find just as many...
>
> I don't want to bash on Jitsi. I use it. And it's open source. But if we're going to make a choice, let's make sure its for the right reasons. Zooms scales massively, has a stellar set of features, and costs that are extremely accessible... has native clients on Windows, MacOS, Linux, Android and IOS, as well as a web client for machines were one can't install apps. It's user friendly. Session recordings are automatically in MP4 which is very convenient. And A/V quality is really good.
>
> Regards,
> <Outlook-tl3rqzis.gif>
>
> Gilles Gravier
> Director, Senior Advisor
> Open Source - Blockchain
> M: +41 794728437
> in/gillesgravier  @gravax
> Wipro Limited
> From: main@... <main@...> on behalf of McCoy Smith via lists.openchainproject.org <mccoy=lexpan.law@...>
> Sent: Friday 3 April 2020 19:12
> To: main@... <main@...>
> Subject: Re: [openchain] OpenChain Zoom room tested - complete success
>
> ** This mail has been sent from an external source. Treat hyperlinks and attachments in this email with caution**
>
> LibrePlanet used jitsi this year when they had to go 100% virtual in the space of about a week
> I presented using it and seemed to work pretty well
> Might be worth a try; it’s definitely free as in beer and speech as FSF is very particular about that for their events (I had to use a Linux system for my preso as they don’t allow A***e or W*****s systems to run persos at their events
>
> > On Apr 3, 2020, at 10:06 AM, Alan Tse <Alan.Tse@...> wrote:
> >
> > Shane and others,
> > Thanks for all your hard work on setting up Zoom. However, I'm a bit concerned given all the negative privacy and security press about Zoom this last week.
> >
> > I just learned that there is an open source alternative called jitsi. https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fjitsi.org%2F&amp;data=02%7C01%7Cgilles.gravier%40wipro.com%7Cbb179d171edf429c6a9908d7da1a6d4a%7C258ac4e4146a411e9dc879a9e12fd6da%7C0%7C0%7C637217679367628957&amp;sdata=YfpTmiRWyIy5%2F4NIPxdirC91vYUsqyJxN160i0fEQNo%3D&amp;reserved=0  Specifically, I saw it on one of the security blogs I follow. https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.schneier.com%2Fblog%2Farchives%2F2020%2F04%2Fsecurity_and_pr_1&amp;data=02%7C01%7Cgilles.gravier%40wipro.com%7Cbb179d171edf429c6a9908d7da1a6d4a%7C258ac4e4146a411e9dc879a9e12fd6da%7C0%7C0%7C637217679367628957&amp;sdata=8clG8EOvdBaEqIsP544ROPh3RBF1jc7c6KgwKnmtEts%3D&amp;reserved=0.
> >
> > I just learned about it so don't have any specific experience with jitsi but perhaps it's worth investigating particularly given it's open source (Apache-2.0)?
> >
> > Anyone used it before or have thoughts?
> >
> > On 3/31/20, 9:44 PM, "main@... on behalf of Shane Coughlan" <main@... on behalf of scoughlan@...> wrote:
> >
> >    CAUTION: This email originated from outside of Western Digital. Do not click on links or open attachments unless you recognize the sender and know that the content is safe.
> >
> >
> >    Thank you JongBaek! I believe we may have solved our remote working challenge :)
> >
> >> On Mar 31, 2020, at 16:54, Jongbaek Park (BKL) <jb.park@...> wrote:
> >>
> >> I am sorry that I could not have joined you on Zoom conference due to unexpected matter to attend to.
> >> Zoom seems very nice to use and it’s use is explosively being expanded.
> >> I also hope we could be connected with each other more easily and often thanks to this service.
> >> Best regards,
> >> Jongbaek
> >>
> >> From: main@... <main@...> On Behalf Of Shane Coughlan
> >> Sent: Tuesday, March 31, 2020 2:07 PM
> >> To: OpenChain Main <main@...>
> >> Subject: [openchain] OpenChain Zoom room tested - complete success
> >>
> >> We connected China, Japan, Germany and Switzerland with video, no issues detected. Check out our discussion here:
> >> https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fzoom.us%2Frec%2Fplay%2Fv5MsIu2qrzs3SIKWsASDC_8oW421L6-shyUdrvpZyEfjU3JVYVDzN7QTMeNLafiyMCld9CuJHaulF28c%3FcontinueMode%3Dtrue&amp;data=02%7C01%7Cgilles.gravier%40wipro.com%7Cbb179d171edf429c6a9908d7da1a6d4a%7C258ac4e4146a411e9dc879a9e12fd6da%7C0%7C0%7C637217679367638954&amp;sdata=2paa9XQpQ%2BfWu1%2FxIuLpE5bothDwZOUuiS5DWL6Mqzo%3D&amp;reserved=0
> >>
> >> What is coming next?
> >>
> >> (1) guidance will be provided to help all our international groups use the room at any time
> >>
> >> (2) we will transition our online meetings to this service moving forward
> >>
> >> (3) our new video capabilities allow us to connect 100 people with video, screen sharing and recording...leading to the ability to host webinars for our community
> >>
> >> Watch this space.
> >>
> >
> >
> >
> >
> >
> >
> >
> >
> >
>
>
>
>
> The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. https://apc01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.wipro.com%2F&amp;data=02%7C01%7Cgilles.gravier%40wipro.com%7Cbb179d171edf429c6a9908d7da1a6d4a%7C258ac4e4146a411e9dc879a9e12fd6da%7C0%7C0%7C637217679367638954&amp;sdata=s3jCpy2flrCsYae7izB1Jlil62RXkVnbdNt%2FaVtg49k%3D&amp;reserved=0
>




The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com